

<?php

error_reporting(E_ALL); 

  require_once("OAuth.php");
  require("cert_file_accessor.php");
  
  class OrkutSignatureMethod extends OAuthSignatureMethod_RSA_SHA1 
  {
    protected function fetch_public_cert(&$request)
	{
		$cert_accessor = new CertFileAccessor('/ring_builder/certs', 'orkut');
		$cert = $cert_accessor->getPublicKey($_REQUEST['xoauth_signature_publickey']);
		return $cert;
    }
  }

  $request = OAuthRequest::from_request(null, null, array_merge($_GET, $_POST));
  $signature_method = new OrkutSignatureMethod();
  @$signature_valid = $signature_method->check_signature($request, null, null, $_GET["oauth_signature"]);

  if ($signature_valid == true) 
  {  // valid request
   
    
	require("connect.php");

	 if (isset($_REQUEST["user_id"])) $user_id = trim($_REQUEST["user_id"]) ; 
	 if (isset($_REQUEST["user_gender"])) $user_gender = trim($_REQUEST["user_gender"]) ; 
	 if (isset($_REQUEST["user_country"])) $user_country = trim($_REQUEST["user_country"]) ; 
	 if (isset($_REQUEST["user_profile_url"])) $user_profile_url = trim($_REQUEST["user_profile_url"]) ; 
	 if (isset($_REQUEST["display_name"])) $display_name = trim($_REQUEST["display_name"]) ;
	 if (isset($_REQUEST["th_url"])) $th_url = trim($_REQUEST["th_url"]) ;
	 
	 
 
	 if ($user_id != "" )
	 {
	 //	print "userid/"  ;
	  $query = "select * from orkut_users where user_id = '" . $user_id . "'";
	  $result = mysql_query($query, $con);
	  
	//  print mysql_num_rows($result).'/';
	  if (mysql_num_rows($result) == 0)
	  {
	  	//print "rowszero/"  ;
		 $insert_query = "insert into orkut_users(user_id,gender,country,profile_url,display_name,th_url) values('". $user_id . "','".$user_gender."','".$user_country."','".$user_profile_url."','".$display_name."','".$th_url."')" ;
		 
		
		 mysql_query($insert_query, $con); 
		 
	  }	
	  else 
	  {
		 $update_query = "update orkut_users set gender = '" . $user_gender . "',country = '". $user_country . "',profile_url='".$user_profile_url."',display_name= '" . $display_name . "',th_url='" . $th_url . "',  updated_on = now() where user_id = '" . $user_id . "'" ;
		//  print $update_query ;
		 mysql_query($update_query, $con);
		
	  }  
		
		mysql_free_result($result) ;
	
		
	 }
	 else
	 { 	
		echo("Invalid request!") ;
	 }
	
	mysql_close($con) ;
  } else {
    print "This request was spoofed";
  }

  //Add extra parameters to help debugging
 // $payload["query"] = array_merge($_GET, $_POST);
 // $payload["rawpost"] = file_get_contents("php://input");

  //Return the response as JSON
 // print(json_encode($payload));
 
  
  ?>
